As reported by The Hacker News, a stealthy botnet named Masjesu has been identified, operating as a distributed denial-of-service (DDoS) for-hire service. Since its emergence in 2023, Masjesu has been advertised on Telegram, targeting a wide array of Internet of Things (IoT) devices, including routers and gateways across various architectures.Masjesu, also known as XorBot due to its use of XOR encryption, prioritizes low visibility and persistence, deliberately avoiding high-profile targets like Department of Defense IP ranges. Researchers have observed it incorporating multiple command injection and code execution exploits to gain initial access to devices from manufacturers such as D-Link, Huawei, and TP-Link.The botnet's infrastructure, primarily originating from Vietnam, Ukraine, and India, is used to launch volumetric DDoS attacks against content delivery networks, game servers, and enterprises. Once compromised, devices are instructed to connect to a hard-coded port to receive commands for executing attacks and to self-propagate by scanning for vulnerable devices.Source: The Hacker News
IoT, Network Security, Threat Intelligence
Masjesu botnet: Stealthy DDoS-for-hire service targets IoT devices

(Adobe Stock)
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



